DevSecOps Lead Specialist

Job Title: DevSecOps Lead Specialist
Location: Charlotte, North Carolina
Experience: 12+ Years
Employment Type: Contract
Interview Type: In-Person or Webcam

We are seeking an experienced DevSecOps Lead Specialist to drive secure DevOps practices, oversee CI/CD automation, and ensure the development and deployment pipeline meets enterprise-grade security standards. This role requires a hands-on technical leader with deep expertise in DevOps engineering, cloud security, application security, and infrastructure automation. The ideal candidate will collaborate with development, infrastructure, security, and compliance teams to implement and enforce security controls across the software delivery lifecycle.

• Lead the implementation and optimization of DevSecOps practices across the enterprise.

• Architect, design, and maintain secure CI/CD pipelines integrating automated security tools.

• Drive security automation for code scanning, container security, secret management, and vulnerability management.

• Collaborate with engineering and security teams to embed security requirements early in the development lifecycle.

• Implement security controls and policies for cloud-native environments and container orchestration platforms.

• Monitor, analyze, and respond to security vulnerabilities across applications and infrastructure.

• Provide leadership in incident response, risk analysis, and remediation planning.

• Evaluate and integrate new DevSecOps tools and frameworks to strengthen security posture.

• Train development teams on secure coding, DevSecOps best practices, and threat awareness.

• Produce technical documentation, security compliance reports, and architectural standards.

• Ensure adherence to regulatory, compliance, and governance frameworks.

• 12+ years of overall IT experience including DevOps, Cloud Engineering, and Security.

• Proven experience leading enterprise-scale DevSecOps initiatives.

• Strong expertise with CI/CD tools such as Jenkins, GitLab CI, GitHub Actions, Azure DevOps, or Bamboo.

• Hands-on experience with cloud platforms such as AWS, Azure, or GCP.

• Practical knowledge of containerization and orchestration tools (Docker, Kubernetes, OpenShift).

• Experience with infrastructure as code tools including Terraform, Ansible, or CloudFormation.

• Deep understanding of application security concepts, OWASP, secure coding, and threat modeling.

• Experience with automated security tools such as SonarQube, Snyk, WhiteSource, Checkmarx, Fortify, Aqua, Prisma Cloud, or Qualys.

• Strong knowledge of logging, monitoring, SIEM, and observability platforms.

• Familiarity with identity and access management, secrets management, and zero-trust frameworks.

• Ability to lead cross-functional teams and communicate complex technical concepts clearly.

• Relevant certifications are a plus (CISSP, CISM, CEH, OSCP, AWS Security, Azure Security, Kubernetes).